PGP Key Strength

Greetings Community!

I am inquiring about an urgent need of knowledge on this subject.

I am using GPG / PGP to encrypt important text and files.

These files are extremely sensitive and very valuable.

Currently I am using RSA 4096 bit Key with a 64 Character Passphrase. Is this the best possible Key encryption method or is Ed25519 more secure and unbreakable?

I need to know the answer urgently.

Hi,

The Federal Office for Information Security (BSI) in Germany published a guideline (BSI TR-02102-1: “Cryptographic Mechanisms: Recommendations and Key Lengths” Version: 2024-1) where they explain that you can reach a high security level with different encryption technologies. Your current key is already very secure.

On the other hand, there probably is a good reason why Ed25519 is the new default in GnuPG (search for the release notes for 2.3.0 in the NEWS file).

Thanks for your reply and I appreciate the response.

I’ve been using RSA 4096 Bit for about 5 years now, I believe, and with it I encrypt super sensitive text and files.

I then upload these files to public servers and so far I can say certainly they have not been cracked as they contain over $100m+ in assets.

Going on with this, would you say it is still the best choice to continue using RSA 4096 Bit or should I upgrade to Edd?

In addition to what @cklassen wrote:

The best public key encryption method depends on your needs, so there is no universal best practice.

Using the default of GnuPG is a good choice as it strikes a balance between several aspects. It is considered secure enough, and then extra effort should be put into securing your surrounding operating system and procedures.

Like using a hardware security token (like a USB or smartcard) to hold your private key material and running a hardened operating system.

The discussion of RSA in "LargeKeys - GnuPG wiki" has some more technical details on the key length aspects.

Ed25519 is the new default because it is becoming interoperable with many implementations and it offers smaller key sizes compared to RSA as the underlying mathematical problem is harder.

Best,
Bernhard